package com.xzw.servlet;

import com.xzw.JdbcUtils;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;


@WebServlet(urlPatterns = "/xzwlogin")
public class LoginServlet extends HttpServlet {

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        String username = req.getParameter("u");
        String password = req.getParameter("p");

        System.out.println("username = "+ username);
        System.out.println("password = "+ password);

        String code = req.getParameter("c");

        HttpSession session = req.getSession();
        Object ccc = session.getAttribute("CCC");
        boolean isTrue = code != null && code.equals(ccc);
        if(!isTrue){
            //输入的验证码和存储到session中的验证码不一致
            PrintWriter writer = resp.getWriter();
            writer.write("code is error");
            writer.flush();
            writer.close();
            return;
        }

        //查询数据库
        String sql="SELECT id FROM `user` where username=? and `password`=MD5(?)";
        Integer id = JdbcUtils.select(sql, Integer.class, username, password);
        if(id != null && id > 0) {
            //当凭借账号和密码成功查询到id的时候，将其存储到session中
            session.setAttribute("UID", id);
            //重定向到首页
            resp.sendRedirect("/xzw/xzwindex.jsp");
        }else{
            //重定向到登录页
            resp.sendRedirect("/xzw/login.jsp");
        }

    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        doGet(req, resp);
    }
}
